What went wrong on www.WilliamsF1.com. Could performance testing help avoid the problem?Performance
Can you foresee an increase of traffic on a website so rapid, that it completely disables it? Think about what happened to WilliamsF1.com after they released the news about Robert Kubica becoming their new driver and talk about performance testing.
Rumors about Robert Kubica becoming the new team’s line-up driver for 2019 could be heard for some time now, but it was the official news publisher here: https://www.williamsf1.com/racing/news/2018/11/williams-martini-racing-confirms-robert-kubica-as-race-driver-for-2019, that caused an increase in traffic on the team’s website so immense, it completely went down for some time. Fortunately, the IT team reacted swiftly and fixed all problems in a blink of an eye. It is good to know that Robert has so many fans, that they can unwillingly take down a well established website, but could this accident be avoided?
Let’s quickly define what happened. The website’s IP address was bombarded with a large volume of traffic and the server got overwhelmed with work. Because of that, it could not respond to new inquiries that kept coming and coming. In fact, what happened can be compared to a DDoS attack, only this time it was legitimate, organic traffic, not a willing act of wrongdoing. Preparation process should be very similar in both cases, though, so let’s list six steps to stopping a DDoS attack or surviving a rapid increase in organic traffic.
Identify the problem as fast, as you can!
No matter if it is a real attack or just an extraordinary increase in organic traffic, your job is to notice the alarming situation early. The sooner you realize the problem, the higher your chances of avoiding a disaster are. But how to notice something so dramatically fast?
First of all, you need to be familiar with your ordinary traffic patterns. The more you know about your traffic profile, the easier for you is to notice anything alarming. Usually, what you need to look for is a sharply peaking rate of inbound traffic. But be careful, because you need to be able to distinguish a rapid increase of traffic caused by your marketing actions, some random news and a DDoS attack. In order words, make good use of performance monitoring tools. In order to learn and understand the patterns we mentioned, it is the best to conduct a series of performance testing activities.
Have some extra bandwidth
Bandwidth costs, but saving on it is never a good idea, performance security wise. Even if you do not make use of it in ordinary, expected conditions, you will need to accommodate extra bandwidth to withstand sudden peaks of load. Such sudden surges happen quite often, what it takes is just an accident, for instance a viral effect in social media, a good advertising campaign, a promotional offer of some great news that everybody was waiting for. Obviously the last one was the cause of problems for WilliamsF1.com. If they could release more bandwidth, maybe they could survive the pinnacle of inbound traffic long enough. How much extra bandwidth do you need? The more, the best, but to get accurate intel, it is a good idea to order performance testing.
Not much can be done in a situation we are discussing here, however a few technical measures can be taken to minimize the losses and maximize your chance of survival. Experts suggest the following
- adding filters that will help the router block off suspicious sources of traffic
- timing out half-open connections in a aggressive way
- drop spoofed or malformed packages
- set lower SYN, ICMP, and UDP flood drop thresholds
- rate limiting the router to prevent the Web server from being overwhelmed
These steps used to be quite effective with DDoS attacks in the past, nowadays however, they could just buy you some time. Some time is, howeve,r all you need in some cases. Performance testing will tell you more about your needs.
Contact your ISP
Immediately explain your situation to your ISP. A good IPS should have some emergency contacts for you to use when needed. If you operate your own servers you may be in more severe problems, than if you use a well established hosting center, because such centers always have a lot more bandwidth to facilitate and a higher capacity of routers. They may solve your problems to save their good reputation.
Prepare for the next time
If you got surprised once, it may happen again, especially you did not monitor the traffic to actually notice the problem before it was too late. Think about doing some performance tests to determine your limits and learn more about your capabilities. Asking for professional help will also help you improve your resistance for unusual peaks of traffic. You can learn more about it on this section on our website: Performance Testing.